NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.
All the Perl that's Practical to Extract and Report
use Perl Log In
schwern (1528)
schwern
(email not shown publicly)
http://schwern.net/
AOL IM: MichaelSchwern (Add Buddy, Send Message)
Jabber: schwern@gmail.com
Schwern can destroy CPAN at his whim.
(email not shown publicly)
http://schwern.net/
AOL IM: MichaelSchwern (Add Buddy, Send Message)
Jabber: schwern@gmail.com
Schwern can destroy CPAN at his whim.
Monday May 19, 2003
05:34 PM
support@microsoft.com
Never in the darkest days of Klez was it this bad. Overnight I got 300+ virus mails from "support@microsoft.com". THREE HUNDRED! Fortunately, SpamAssassin was ready.
For anyone else caught by this, here's my rules:
header FROM_SUPPORTMICROSOFT From =~
/\bsupport\@microsoft\.com\b/
describe FROM_SUPPORTMICROSOFT From: support@microsoft.com (virus)
score FROM_SUPPORTMICROSOFT 1.5
rawbody BODY_SUPPORTMICROSOFT/^All information is in the attached file\.\s*$/m
describe BODY_SUPPORTMICROSOFT support@microsoft.com virus body
score BODY_SUPPORTMICROSOFT 1.5
meta SUPPORTMICROSOFT_VIRUS FROM_SUPPORTMICROSOFT && BODY_SUPPORTMICROSOFT
describe SUPPORTMICROSOFT_VIRUS support@microsoft.com virus
score SUPPORTMICROSOFT_VIRUS 6.5
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
because that's exactly how much difference there is. :-)
--Larry Wall in <10209@jpl-devvax.JPL.NASA.GOV>
Stories, comments, journals, and other submissions on use Perl; are Copyright 1998-2006, their respective owners.
You're too kind (Score:1)
# If it's support@microsoft.com, just toss the damn thing
* ^From:.*support\@microsoft\.com
Re:You're too kind (Score:2)
{grin}
clamav++ (Score:2)